r/openwrt

•

2 yr. ago

Beginner in OpenWRT : Can't set Adguard home as my DNS for all my networks

Hi,

I am new to OpenWRT and managed to have my network configured as well as a guest network. Now I'm trying to put everything behind Adguard Home. I tried to follow this guide : https://openwrt.org/docs/guide-user/services/dns/adguard-home#installation

But after doing so I have 2 problems :

The guest network no longer have DNS access (so no internet)
OpenWRT doesn't have internet access (so it can't download opkg packages for example)

Adguard works only for my main network. Could someone help me to set it up properly ? I can't find how.

I made a post about this with my whole config : https://forum.openwrt.org/t/adguard-home-as-my-primary-dns-doesnt-work-for-guests/155083

By the way, I am new to OpenWRT so if you see errors or bad things in my config, or have tips to improve it, I'm very interested.

Thanks in advance for any answer, have a great day

adobe

• Official •

Promoted

Discover how fashion brand co-founder Bryan Bonilla uses Acrobat AI Assistant to simplify marketing reports and boost productivity, leaving him more time to be creative and pursue collaborations with more artists. Explore all you can do with an AI Assistant today.

Learn More

adobe.com

Starfox-sf

•

2y ago

• Edited 2y ago •

That’s a known issue on AGH itself.

https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration

Need bind_hosts (after v0.106.0).

find / -name AdGuardHome.yaml -ls

— Starfox

LeVraiRoiDHyrule

•

2y ago

•

Found it, thanks a lot for this command.

Here is my AGH config :

bind_host: 192.168.1.1
bind_port: 3001
beta_bind_port: 0
users:
  - name: [removed]
    password: [removed]
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
debug_pprof: false
web_session_ttl: 720
dns:
  bind_hosts:
    - 192.168.1.1
  port: 53
  statistics_interval: 1
  querylog_enabled: true
  querylog_file_enabled: true
  querylog_interval: 2160h
  querylog_size_memory: 1000
  anonymize_client_ip: false
  protection_enabled: true
  blocking_mode: default
  blocking_ipv4: ""
  blocking_ipv6: ""
  blocked_response_ttl: 10
  parental_block_host: family-block.dns.adguard.com
  safebrowsing_block_host: standard-block.dns.adguard.com
  ratelimit: 20
  ratelimit_whitelist: []
  refuse_any: true
  upstream_dns:
    - 9.9.9.10
    - 149.112.112.10
    - 2620:fe::10
    - 2620:fe::fe:10
    - '[/lan/]127.0.0.1:54'
    - '[//]127.0.0.1:54'
        - '[/pool.ntp.org/]9.9.9.10'
    - '[/pool.ntp.org/]149.112.112.10'
    - '[/pool.ntp.org/]2620:fe::10'
    - '[/pool.ntp.org/]2620:fe::fe:10'
  upstream_dns_file: ""
  bootstrap_dns:
    - 9.9.9.10
    - 149.112.112.10
    - 2620:fe::10
    - 2620:fe::fe:10
  all_servers: false
  fastest_addr: false
  fastest_timeout: 1s
  allowed_clients: []
  disallowed_clients: []
  blocked_hosts:
    - version.bind
    - id.server
    - hostname.bind
  trusted_proxies:
    - 127.0.0.0/8
    - ::1/128
  cache_size: 4194304
  cache_ttl_min: 0
  cache_ttl_max: 0
  cache_optimistic: false
  bogus_nxdomain: []
  aaaa_disabled: false
  enable_dnssec: false
  edns_client_subnet: false
  max_goroutines: 300
  handle_ddr: true
  ipset: []
  ipset_file: ""
  filtering_enabled: true
  filters_update_interval: 24
  parental_enabled: false
  safesearch_enabled: false
  safebrowsing_enabled: false
  safebrowsing_cache_size: 1048576
  safesearch_cache_size: 1048576
  parental_cache_size: 1048576
  cache_time: 30
  rewrites: []
  blocked_services: []
  upstream_timeout: 10s
  private_networks: []
  use_private_ptr_resolvers: true
  local_ptr_upstreams:
    - 192.168.1.1:54
  serve_http3: false
  use_http3_upstreams: false
tls:
  enabled: false
  server_name: ""
  force_https: false
  port_https: 443
  port_dns_over_tls: 853
  port_dns_over_quic: 853
  port_dnscrypt: 0
  dnscrypt_config_file: ""
  allow_unencrypted_doh: false
  certificate_chain: ""
  private_key: ""
  certificate_path: ""
  private_key_path: ""
  strict_sni_check: false
filters:
  - enabled: true
    url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt
    name: AdGuard DNS filter
    id: 1
  - enabled: false
    url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt
        name: AdAway Default Blocklist
    id: 2
whitelist_filters: []
user_rules: []
dhcp:
  enabled: false
  interface_name: ""
  local_domain_name: lan
  dhcpv4:
    gateway_ip: ""
    subnet_mask: ""
    range_start: ""
    range_end: ""
    lease_duration: 86400
    icmp_timeout_msec: 1000
    options: []
  dhcpv6:
    range_start: ""
    lease_duration: 86400
    ra_slaac_only: false
    ra_allow_slaac: false
clients:
  runtime_sources:
    whois: true
    arp: true
    rdns: true
    dhcp: true
    hosts: true
  persistent: []
log_file: ""
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_compress: false
log_localtime: false
verbose: false
os:
  group: ""
  user: ""
    rlimit_nofile: 0
schema_version: 14

So now I know how to change it without re-doing the initial configuration. But can it listen on multiple interfaces ? In the documentation interface is singular so I guess the answer is no. But then how to adapt my configuration so that I have a common interface for adguard but still 2 interfaces for both my personal and guest network ?

Thanks in advance for any answer, have a great day

Starfox-sf

•

2y ago

•

If you want your server to accept requests on all interfaces and using both IP versions, for example if you run a public server, put one item with the unspecified IP of any version:

'dns':
    'bind_hosts':
    - '0.0.0.0'

LeVraiRoiDHyrule

•

2y ago

•

If I do this, it means that the DNS will also be accessible from the outside of my network. Could this be a security problem?

I am hosting some services like home assistant on a Raspberry pi on Port 443 with caddy. Could this cause problem with its access?

9 more replies More replies

More replies

Beginner in OpenWRT : Can't set Adguard home as my DNS for all my networks

Comments Section

is it me or is it opkg?

OpenWrt developers are discussing 24.xx plans on the mailing list again

I wrote a quick guide to install Adguard Home on OpenWrt

Minion says addons are all up to date, game says they aren't?

I have no idea how to use RTL_433.

Router DNS issue after installing Adguard Home (devices work fine but not router).

adguardhome package in opkg is old

RG353M w/ BlackSeraph App Test Request

Need help with OpenWRT (dumb) Acces Point + AdGuardHome combo

Fix data from rtl_power and an upconverter

AdBlock or AdGuard Home for my setup?

Adguard - app vs extension. Is it worth to buy?

OpenWRT and ADGuard Home

Do you have to let AdGuard Home on OpenWrt update itself outside of opkg? Is `/opt/AdGuardHome/agh-backup/` folder strictly required? Would AGH even fit on a 128MB NAND router with an automatic recovery dual-boot scheme?

Can't exit EDL on Oppo A37f

TrueNAS 24.10.0 (Electric Eel) - Now available!

Announcement: TSDProxy 0.5.0

PSA: If you use GlosSI as a "game" for desktop, you wont have to use -oldbigpicture to use the old OSK and the OSK wont freeze after you close it

OpenZFS deduplication is good now and you shouldn't use it

How to upload g200kg patch codes to multistomp?

TTeck´s ProxmoxVE Helper Scripts Changes

Tailscale appreciation post

No NAT November

I can't load/port my Godot 3.5 project to Godot 4, because apparently I don't have Vulkan, help

Just spent 30 minutes seriously confused why I couldn't access my Proxmox server from any of my devices...

Top Posts

Sign Up

Create your username and password

Sign Up

Create your username and password

Reset your password

Check your inbox

Choose a Reddit account to continue

Reset your password

Beginner in OpenWRT : Can't set Adguard home as my DNS for all my networks

Comments Section

is it me or is it opkg?

OpenWrt developers are discussing 24.xx plans on the mailing list again

I wrote a quick guide to install Adguard Home on OpenWrt

Minion says addons are all up to date, game says they aren't?

I have no idea how to use RTL_433.

Router DNS issue after installing Adguard Home (devices work fine but not router).

adguardhome package in opkg is old

RG353M w/ BlackSeraph App Test Request

Need help with OpenWRT (dumb) Acces Point + AdGuardHome combo

Fix data from rtl_power and an upconverter

AdBlock or AdGuard Home for my setup?

Adguard - app vs extension. Is it worth to buy?

OpenWRT and ADGuard Home

Do you have to let AdGuard Home on OpenWrt update itself outside of opkg? Is `/opt/AdGuardHome/agh-backup/` folder strictly required? Would AGH even fit on a 128MB NAND router with an automatic recovery dual-boot scheme?

Can't exit EDL on Oppo A37f

TrueNAS 24.10.0 (Electric Eel) - Now available!

Announcement: TSDProxy 0.5.0

PSA: If you use GlosSI as a "game" for desktop, you wont have to use -oldbigpicture to use the old OSK and the OSK wont freeze after you close it

OpenZFS deduplication is good now and you shouldn't use it

How to upload g200kg patch codes to multistomp?

TTeck´s ProxmoxVE Helper Scripts Changes

Tailscale appreciation post

No NAT November

I can't load/port my Godot 3.5 project to Godot 4, because apparently I don't have Vulkan, help

Just spent 30 minutes seriously confused why I couldn't access my Proxmox server from any of my devices...

Top Posts

Log In

Enter the 6-digit code from your authenticator app

Enter a 6-digit backup code

Sign Up

Create your username and password

Sign Up

Create your username and password

Reset your password

Check your inbox

Choose a Reddit account to continue

Reset your password